ea604416bca1b48c81ef1684a4c35f3fc8639a5fcdbff62b98f2684b6d13b0c5

Sharing

Copy URL Twitter E-mail

General

Target

ea604416bca1b48c81ef1684a4c35f3fc8639a5fcdbff62b98f2684b6d13b0c5
Size

112KB
MD5

7ffd5d7d24f5724dcffcb8b9a8875352
SHA1

e7e57fcc59d7963507088f6791e1c942072f274f
SHA256

ea604416bca1b48c81ef1684a4c35f3fc8639a5fcdbff62b98f2684b6d13b0c5
SHA512

eb28395d8be16c021b8cc0bc38838b6055c783b17725db7947fb556c8b580ae480e1101cacbd1a6b1ec9d38caf03923f3d3d1248e04ec54a1a00dc3a8e429bce
SSDEEP

1536:HjCbOzyFQHnEM0SNnUgSb7ART7Jf3wJYtQgSJt5viBE3+KJZP7x0bA8Q1RgWYdRU:HjZmqlUgOE3Ac0tdsyPmkob/+

Score

N/A

Malware Config

Signatures

Files

ea604416bca1b48c81ef1684a4c35f3fc8639a5fcdbff62b98f2684b6d13b0c5
.exe windows x86

616014693e31c121f70a9b390a3191e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
lstrcpynA
lstrcmpiW
SetFileTime
GetVersion
GetStdHandle
GetNumberFormatA
GlobalReAlloc
GetModuleFileNameW
GetSystemTime
VirtualProtectEx
GetFileAttributesW
GetVersionExW
GetModuleHandleA
RemoveDirectoryA
GlobalAlloc
IsDebuggerPresent
Sleep
GetTimeZoneInformation
GetTickCount

msvcrt

fprintf
free
getenv
_adjust_fdiv
calloc
__setusermatherr
__p__fmode
__p__commode
atexit
_controlfp
fputc
_XcptFilter
strncpy
wcslen
_initterm
realloc
_errno
_exit
__getmainargs
sqrt
__p___initenv
_setmode
memset
strcpy
__set_app_type
_except_handler3

comdlg32

GetOpenFileNameA

user32

EnableWindow
GetDlgItem
EnableMenuItem
GetDesktopWindow
EnumThreadWindows
SetClipboardData
GetCursorPos
GetLastActivePopup
GetMessageA
RemovePropA
GetMenu
IsWindow
ReleaseCapture
WindowFromPoint
SetDlgItemTextA
CreatePopupMenu
RegisterClipboardFormatA

gdi32

ExtEscape
CreatePatternBrush
CreatePenIndirect
PtVisible
ScaleWindowExtEx
RoundRect
ExtFloodFill
CreateBitmap
GetCurrentObject
BeginPath
SelectPalette
GetStockObject
StartPage
StretchBlt
GetCurrentPositionEx

advapi32

DeleteService
InitializeSecurityDescriptor
RegCreateKeyExW
RegEnumKeyA
CryptHashData
CryptReleaseContext
GetUserNameA
RegDeleteValueW
RegQueryValueA
RegQueryInfoKeyA
RegQueryInfoKeyW
OpenServiceW
ControlService
RegQueryValueExW

ole32

IIDFromString
IsAccelerator
CreateILockBytesOnHGlobal
ProgIDFromCLSID
CoRevokeClassObject
CoSetProxyBlanket
StringFromCLSID
OleDraw
CoInitializeEx
CoTaskMemFree
OleUninitialize
OleInitialize
StringFromGUID2
DoDragDrop

comctl32

InitCommonControls
CreateStatusWindowA
InitCommonControlsEx
ImageList_Remove
ImageList_EndDrag
PropertySheetW

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

616014693e31c121f70a9b390a3191e0

Headers

File Characteristics

Imports

kernel32

msvcrt

comdlg32

user32

gdi32

advapi32

ole32

comctl32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 9KB - Virtual size: 47KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 9KB - Virtual size: 47KB

.rsrc
Size: 20KB - Virtual size: 20KB